WordPress + Bootstrap

Facebook nemesis Max Schrems threw into serious disarray the whole (commercially vital) business of EU-US data transfers when his litigation destroyed the Safe Harbor arrangements. A fix was needed, quickly. The European Commission came up with a fix called the “Privacy Shield”. Some, including members of the Panopticon fold, had a disdainful – even gently mocking – take on the Privacy Shield: see for example Chris’ synopsis here. More importantly, the EU’s Article 29 Working Party did not seem entirely impressed by the Privacy Shield proposal.

Earlier this month, however, the EU member states approved the Privacy Shield. Continue reading →

There have been rumours, but Panopticon can confirm that the appeal to the Supreme Court in Google v Vidal-Hall on the disapplication of section 13(2) of the Data Protection Act 1998 has been withdrawn following an agreement being reached between the parties. This is obviously a disappointment to those wanting to see what the Supremes would make of the Court of Appeal’s very important judgment permitting damages claims for distress without the need to show pecuniary loss (and indeed to those interested in the use of the Charter of Fundamental Rights to disapply primary legislation). What it does mean is that the Court of Appeal decision stands (as discussed here). Whether it will stand for all time, or whether another case will try and re-open the point in the light of the Supreme Court having accepted that it was arguable is another matter, but for the moment continuity reigns and section 13(2) can return to the oblivion from which it had sought to rise.

Christopher Knight

Anya has already posted about what Brexit means for the future of data protection in the UK and there is a general consensus that anyone thinking they can ignore the GDPR now should think again. But just in case Anya Proops QC wasn’t authoritative enough for you (unlikely, I know), Baroness Neville-Rolfe gave a speech on 4 July which touched on data protection in our brave new world. Baroness Neville-Rolfe is, as any fule noe, the Minister for Data Protection. Continue reading →

So five days on from the Brexit referendum and it is clear that that there is no clear, carefully thought out strategy for extricating ourselves from the EU legal edifice. If you feel that this ‘make it up as we go along’ approach to the biggest legal and political challenge which our country has faced in decades is somewhat less than satisfactory, you will be pleased to learn you are not alone.

But if the path to Brexit is unclear you can at least assume that the journey will not be swift. Indeed, it seems likely that it will take at least two years and probably more before we part company with our EU brethren. Why does this matter, apart from the fact that it leaves our country in a protracted state of general confusion and uncertainty? Well for the readers of this blog it matters because there is at least one major piece of EU legislation which is due to take effect within the next two years, namely the EU General Data Protection Regulation.

Continue reading →

THIS POST SHOULD BE READ IN CONJUNCTION WITH MY MORE RECENT POST ON THIS SUBJECT – SEE HERE

As we all reel in shock at today’s news, thoughts will inevitably turn to how our impending divorce from Europe will impact on the sphere of data protection. Our own data protection laws have of course been profoundly shaped by Europe. Until yesterday, many had assumed that Europe’s control over our data protection laws would in due course become even more intensive, as we journeyed into a world in which the EU Data Protection Regulation reigned supreme across Europe. However, the clocks have stopped. The Regulation is not to become law in the UK. The future of data protection law is therefore necessarily shrouded in mystery. Continue reading →

It is often remarked that there is a paucity of clear binding authority on how to interpret the definition of “environmental information” set out in regulation 2 of the Environmental Information Regulations 2004. The issue is important: it is pivotal to whether a request for information is considered under the EIR or under FOIA. The leading domestic authority to date is the decision of the Upper Tribunal in DECC v IC and Henney [2015] UKUT 0671 (AAC). Continue reading →